Key Generation and Management 

Project AK-1

Title: Organization of the Certification Authority for a university or a large company.

Description:

Last year hundreds of U.S. companies started to develop their proprietary Certification Authorities. Several announced their plans to become the Central Certification Authority for the U.S. or even the whole Internet. People started to ask: "Why does everyone want to be a Certification Authority? Is it because of patriotism, power, money, or maybe other reasons?"

Certification Authorities (CAs) are necessary to make the use of public-key cryptography for commercial purposes safe, easy and efficient. Their primary function is to register public keys generated by individuals and to issue so-called certificates (also called digital IDs) that bind a public key to a given person. In their simplest form, certificates contain a public key and a name, signed with the CA's private key. Certificates, as opposed to public keys used alone, can be safely stored in a public directory and sent over an insecure network. They allow everyone to communicate securely (and do business) with people they have never met before, without any earlier arrangements.

Creating a Certification Authority for any large organization or company requires many technical (as well as administrative) decisions. You must decide what software and hardware to use, what services, algorithms and standards should be supported, how keys are generated and stored, what the policy is regarding proof of a user's identity, how long keys are valid, whether they can be revoked, to which public-key hierarchy (or hierarchies) your Certification Authority should subscribe, etc. Your task is to develop a project for the Certification Authority of a university or a large company of your choice.
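
The simplest certificate form described above (a name and a public key signed with the CA's private key), together with the validity-period and revocation decisions the task lists, as an added example that is not part of the original assignment. The toy RSA key built from Mersenne primes, the field names and the sample values are assumptions made for illustration, and the unpadded textbook signature must not be used in a real CA.

```python
import hashlib
import json

# Toy CA key (assumption for this example only): both primes are well-known
# Mersenne primes, so this modulus is trivially factorable.
P, Q = 2**521 - 1, 2**607 - 1
CA_N, CA_E = P * Q, 65537                    # CA public key
CA_D = pow(CA_E, -1, (P - 1) * (Q - 1))      # CA private exponent

def _digest(body):
    # Canonical encoding of the signed fields, hashed to an integer < CA_N.
    data = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def issue(name, subject_pubkey, serial, not_before, not_after):
    """CA side: bind a name to a public key by signing both with CA_D."""
    body = {"name": name, "pubkey": subject_pubkey, "serial": serial,
            "not_before": not_before, "not_after": not_after}
    return {"body": body, "sig": pow(_digest(body), CA_D, CA_N)}

def verify(cert, now, revoked_serials):
    """Relying-party side: needs only the CA public key (CA_N, CA_E)."""
    body = cert["body"]
    if pow(cert["sig"], CA_E, CA_N) != _digest(body):
        return "bad signature"
    if not body["not_before"] <= now <= body["not_after"]:
        return "outside validity period"
    if body["serial"] in revoked_serials:
        return "revoked"
    return "ok"

# Constructed sample data: placeholder key string and integer timestamps.
CERT = issue("Alice Example", "alice-public-key-placeholder",
             serial=1001, not_before=1000, not_after=2000)

def demo():
    # Same signature, different key: what a tampered directory entry looks like.
    swapped = {"body": dict(CERT["body"], pubkey="substituted-key"),
               "sig": CERT["sig"]}
    return [verify(CERT, 1500, set()),       # untouched certificate
            verify(swapped, 1500, set()),    # key replaced in the directory
            verify(CERT, 2500, set()),       # checked after expiry
            verify(CERT, 1500, {1001})]      # serial on the revocation list

if __name__ == "__main__":
    print(demo())
```

The second case shows why a certificate, unlike a bare public key, can sit in a public directory: changing the key invalidates the CA's signature.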

Literature:

  1. "VeriSign Help with Personal IDs," available via www from http://www.verisign.com/cus/per/index.html
  2. A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone, "Handbook of Applied Cryptology," chapters 1.11, 13.4, 13.6.
  3. VeriSign Certification Practice Statement, Proc. RSA Data Security Conf. 1997.
  4. Utah Digital Signature Law, Salt Lake City, 1995.
  5. D.E. Coe and F.J. Smith, "Developing and Deploying a Corporate-Wide Digital Signature Capability," ACM-SIGSAC Review, Special Group on Security Audit and Control, pp. 5-8.
  6. W. Ford, "Advances in Public-Key Certificate Standards," ACM-SIGSAC Review, Special Group on Security Audit and Control, pp. 9-15.
  7. S. Kent, "Reasoning About Public-Key Certification," presentation at RSA Data Security Conf., January 1995.